tylrwb Posted December 15, 2007 Share Posted December 15, 2007 I am having a little problem with my php page I have a simple area to icert data - only it does not incert the data. I have not encountered this before. I cannot see anything wrong with it but, maybe someone else can. connection to the database is already made at this point at the top of my page. It does connect and the date is entered but nothing else? Here is the code: <?php if (isset($_REQUEST['Submit'])) { $date = date("Y-m-d"); $sql = "INSERT INTO ads(heading, body, date, author_name, author_email, link) VALUES('$heading', '$body', '$date', '$author_name', '$author_email', '$link')"; if($result = mysql_query($sql ,$db)) { echo "Thank you, Your information has been entered into our database"; } else { echo "ERROR: ".mysql_error(); } } else { ?> <p><h3>Enter your ad into the database</h3> <form method="post" action="test4.php"> Name: <input type="text" size="20" name="author_name"><p> Email: <input type="text" size="20" name="author_email"><p> Heading: <input type="text" size="20" name="heading"><p> Description:<br> <textarea cols=40 rows=10 name="body" wrap="virtual"> </textarea><p> Full Link: <input type="text" size="50" name="link"><p> <input type="submit" name="Submit" value="Submit Ad!"> </form> <?php } ?> thanks for everyone's help! Quote Link to comment https://forums.phpfreaks.com/topic/81823-php-mysql-entering-data-in-database-does-not-post-to-db/ Share on other sites More sharing options...
peranha Posted December 15, 2007 Share Posted December 15, 2007 Where are you assigning the heading, body, date, author_name, author_email, and link to the variables in the form, or is it up farther with the databse. Are you getting any errors on screen or in you log file? Quote Link to comment https://forums.phpfreaks.com/topic/81823-php-mysql-entering-data-in-database-does-not-post-to-db/#findComment-415678 Share on other sites More sharing options...
tylrwb Posted December 15, 2007 Author Share Posted December 15, 2007 no errors on screen top looks like this: $db = mysql_connect($hostname, $db_user, $db_password); mysql_select_db($db_name,$db); login info is above this Quote Link to comment https://forums.phpfreaks.com/topic/81823-php-mysql-entering-data-in-database-does-not-post-to-db/#findComment-415682 Share on other sites More sharing options...
peranha Posted December 15, 2007 Share Posted December 15, 2007 Where are you doing something like this $date = date("Y-m-d"); for all the fields that are filled in. They all have to be like this $heading = $_POST(heading); and so on Quote Link to comment https://forums.phpfreaks.com/topic/81823-php-mysql-entering-data-in-database-does-not-post-to-db/#findComment-415684 Share on other sites More sharing options...
tylrwb Posted December 15, 2007 Author Share Posted December 15, 2007 I kinda thought somthing like that but I am REQUESTING not POST I get this Fatal error: Function name must be a string in /home/srppur3/public_html/srp-design/test4.php on line 121 I entered this: $heading = $_POST(heading); Quote Link to comment https://forums.phpfreaks.com/topic/81823-php-mysql-entering-data-in-database-does-not-post-to-db/#findComment-415693 Share on other sites More sharing options...
peranha Posted December 15, 2007 Share Posted December 15, 2007 $heading = mysql_real_escape_string(strip_tags($_REQUEST['heading'])); This is what I use for added security, Sorry, I overread the Request part. All your variables have to be set if you are going to put them in the database. Quote Link to comment https://forums.phpfreaks.com/topic/81823-php-mysql-entering-data-in-database-does-not-post-to-db/#findComment-415700 Share on other sites More sharing options...
tylrwb Posted December 15, 2007 Author Share Posted December 15, 2007 I was playing with the other code and this works: $heading = $_POST[heading]; I changed the brackets on heading to [ ] do you think I should use what you wrote to be more secure! Quote Link to comment https://forums.phpfreaks.com/topic/81823-php-mysql-entering-data-in-database-does-not-post-to-db/#findComment-415706 Share on other sites More sharing options...
peranha Posted December 15, 2007 Share Posted December 15, 2007 It will help with SQL injection. the striptags will take out all tags as far as links in database, font tags, etc. Quote Link to comment https://forums.phpfreaks.com/topic/81823-php-mysql-entering-data-in-database-does-not-post-to-db/#findComment-415709 Share on other sites More sharing options...
tylrwb Posted December 15, 2007 Author Share Posted December 15, 2007 Ok every thing is working fine now! I have another question if possable. this page is on my web site - and they have to pay to fill that out. How would you go about making it so the page cannot be accessed directly? They will not be a member or anything and i dont want them to be. Basically they go to a paypal page first and after payment they get to fill in the info. But you can access the page directly if you know the address.. Thanks Again Quote Link to comment https://forums.phpfreaks.com/topic/81823-php-mysql-entering-data-in-database-does-not-post-to-db/#findComment-415728 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.